An Oxymoron : Static Analysis of a Dynamic Language (Part 3)
TypeScript to the rescue
- Objects are mappings from strings (property names) to values. In general, properties can be added and removed during execution and property names may be dynamically computed.
- Undefined results, such as accessing a non-existing property of an object, are represented by the special value undefined. Note the subtle distinction between an object that lacks a property and an object whose property is set to undefined: both reads yield undefined.
- Values are freely converted from one type to another, with few exceptions: the values null and undefined cannot be converted to objects, and only function values can be invoked as functions. Some of the automatic conversions are non-intuitive and programmers should be aware of them.
- With the eval function, a dynamically constructed string can be interpreted as a program fragment and executed in the current scope.
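The four behaviours above are easier to appreciate when they are observable. The following is an added example, not code from the original post: each function exercises one of the listed behaviours and returns the result so it can be checked. All inputs are constructed inline; the variable names (`secret`, `sink`) inside the eval demonstration are assumptions for illustration.

```javascript
// Added example, not code from the original post: each function exercises one of
// the JavaScript behaviours listed above and returns the result, so the surprises
// are observable rather than just described. All inputs are constructed inline.

// 1. Objects are string-keyed maps; names can be computed, added and removed at runtime.
function dynamicProperties(obj, key, value) {
  const before = Object.keys(obj).length;
  obj[key] = value;                 // key is a runtime value, not a literal
  const added = Object.keys(obj).length - before;
  obj[42] = "n";                    // non-string keys are converted to strings
  const numericKeyType = typeof Object.keys(obj).find((k) => k === "42");
  delete obj[key];
  delete obj[42];
  return { added, numericKeyType, stillThere: key in obj };
}

// 2. Reading a missing property and reading a property set to undefined both give
//    undefined; only hasOwnProperty / `in` tell the cases apart.
function classifyProperty(obj, key) {
  if (Object.prototype.hasOwnProperty.call(obj, key)) {
    return obj[key] === undefined ? "own-undefined" : "own";
  }
  return key in obj ? "inherited" : "missing";
}

// 3. Implicit conversions: each entry is an expression a reader might misjudge.
function coercionTable() {
  return {
    stringTimesNumber: "5" * 2,              // 10: "5" -> 5
    stringPlusNumber: "5" + 2,               // "52": 2 -> "2"
    nullPlusNumber: null + 1,                // 1: null -> 0
    undefinedPlusNumber: undefined + 1,      // NaN: undefined -> NaN
    arrayPlusObject: [] + {},                // "[object Object]"
    emptyArrayLooseEqualsFalse: [] == false, // true: [] -> "" -> 0
    nullLooseEqualsZero: null == 0,          // false: null is only == undefined
  };
}

// 4. The cases where no conversion applies: null/undefined cannot be converted to
//    objects, and only functions can be called. Other primitives are boxed silently.
function conversionExceptions() {
  const out = { boxedStringKeys: Object.keys("ab").length }; // 2: "ab" boxed to String
  try { Object.keys(null); } catch (e) { out.nullToObject = e.constructor.name; }
  try { undefined.prop; } catch (e) { out.undefinedMemberAccess = e.constructor.name; }
  try { ({}).notAFunction(); } catch (e) { out.callNonFunction = e.constructor.name; }
  return out;
}

// 5. Direct eval runs a string in the caller's scope: it can read and overwrite
//    local variables, which is why analysers must treat its argument as opaque.
function evalInCurrentScope(fragment) {
  let secret = "s3cr3t";   // constructed local that the fragment can see
  let sink = null;         // constructed local that the fragment may overwrite
  eval(fragment);
  return sink;
}
```

`evalInCurrentScope("sink = secret.toUpperCase()")` returns "S3CR3T" because the fragment reaches the enclosing function's bindings; a static analyser that sees only the call site cannot know which locals the string will touch, which is the practical reason eval defeats precise analysis.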
Many security problems can be formalized as information flow problems which seek to preserve the integrity of data (i.e., not allow untrusted values to affect a sensitive value or operation) and confidentiality of data (i.e., keep sensitive values from being observed from outside the computation).
Taint analysis detects flows of data that violate program integrity and data confidentiality.
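To make the two properties concrete, here is an added example that is not code from the original post: a minimal label-based flow checker over a toy straight-line program. Every value carries an `untrusted` label (integrity) and a `secret` label (confidentiality); a finding is raised when a labelled value reaches a sink that forbids that label. The source, sink and sanitizer names (`readRequestParam`, `readApiKey`, `runQuery`, `writeLog`), the statement format and the sample program are all assumptions constructed for this illustration.

```javascript
// Added example, not code from the original post: a minimal label-based flow
// checker over a toy straight-line program. Labels: `untrusted` (integrity) and
// `secret` (confidentiality). Source/sink names are hypothetical.

const CLEAN = { untrusted: false, secret: false };
const SOURCES = {
  readRequestParam: { untrusted: true, secret: false }, // attacker-controlled input
  readApiKey: { untrusted: false, secret: true },       // credential that must not leak
};
const SINKS = {
  runQuery: "untrusted", // integrity sink: untrusted data must not reach it
  writeLog: "secret",    // confidentiality sink: secret data must not leave via it
};

// Least upper bound of two labels: taint is sticky through explicit data flow.
function join(a, b) {
  return { untrusted: a.untrusted || b.untrusted, secret: a.secret || b.secret };
}

// Statements: {op:"source"|"const"|"concat"|"sanitize"|"sink", ...}.
// Returns one finding per (sink, argument) whose label the sink forbids.
function checkFlows(program) {
  const env = new Map(); // variable name -> label
  const findings = [];
  const labelOf = (name) => {
    if (!env.has(name)) throw new Error(`use of undefined variable ${name}`);
    return env.get(name);
  };
  program.forEach((stmt, line) => {
    switch (stmt.op) {
      case "source":
        env.set(stmt.dst, { ...SOURCES[stmt.fn] });
        break;
      case "const": // literal: carries no label
        env.set(stmt.dst, { ...CLEAN });
        break;
      case "concat": // explicit flow: result inherits every argument's labels
        env.set(stmt.dst, stmt.args.map(labelOf).reduce(join, CLEAN));
        break;
      case "sanitize": // endorse or declassify exactly one label, keep the other
        env.set(stmt.dst, { ...labelOf(stmt.src), [stmt.clears]: false });
        break;
      case "sink": {
        const forbidden = SINKS[stmt.fn];
        for (const arg of stmt.args) {
          if (labelOf(arg)[forbidden]) {
            findings.push({
              line, sink: stmt.fn, arg,
              violation: forbidden === "untrusted" ? "integrity" : "confidentiality",
            });
          }
        }
        break;
      }
      default:
        throw new Error(`unknown op ${stmt.op}`);
    }
  });
  return findings;
}

// Constructed sample program: one violation of each kind plus two benign flows.
const SAMPLE_PROGRAM = [
  { op: "source", dst: "user", fn: "readRequestParam" },
  { op: "source", dst: "key", fn: "readApiKey" },
  { op: "const", dst: "prefix" },
  { op: "concat", dst: "q", args: ["prefix", "user"] },
  { op: "sink", fn: "runQuery", args: ["q"] },                    // integrity violation
  { op: "sanitize", dst: "safe", src: "user", clears: "untrusted" },
  { op: "concat", dst: "q2", args: ["prefix", "safe"] },
  { op: "sink", fn: "runQuery", args: ["q2"] },                   // clean after sanitizer
  { op: "concat", dst: "msg", args: ["prefix", "key"] },
  { op: "sink", fn: "writeLog", args: ["msg"] },                  // confidentiality violation
  { op: "sink", fn: "writeLog", args: ["safe"] },                 // untrusted but not secret
];

function sampleFindings() {
  return checkFlows(SAMPLE_PROGRAM);
}
```

Running `sampleFindings()` reports the `runQuery` call on line 4 as an integrity violation and the `writeLog` call on line 9 as a confidentiality violation, while the sanitized and non-secret flows pass. Two limitations are worth keeping in mind: the checker only follows explicit data flow, so a leak through control dependence (logging something conditionally on a secret) is invisible to it, and it has no model of the computed property writes listed above, so `obj[key] = tainted` followed by a read of `obj.other` would need a field-sensitive heap model that this toy omits.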
In the next part of this series we will illustrate these challenges by applying taint flow analysis in an untyped, asynchronous event-handling paradigm.
An Oxymoron : Static Analysis of a Dynamic Language (Part 3) was originally published in ShiftLeft Blog on Medium.
*** This is a Security Bloggers Network syndicated blog from ShiftLeft Blog - Medium authored by Chetan Conikee. Read the original post at: https://blog.shiftleft.io/an-oxymoron-static-analysis-of-a-dynamic-language-part-3-340b808b865c?source=rss----86a4f941c7da---4